Commit Graph

79 Commits

Author  SHA1  Message  Date
Doug Burks  58936b31d5  FIX: Improve annotation for Elasticsearch index deletion #14682  2025-05-29 15:19:21 -04:00
Doug Burks  cce94d96d1  Update soc_elasticsearch.yaml to include note about ILM rollover  2025-03-06 11:14:48 -05:00
reyesj2  0f16b00563  osquery templates  2025-03-05 13:57:47 -06:00
reyesj2  124bf266b5  osquery v1.15.0 index templates updates (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2025-03-04 12:27:04 -06:00
reyesj2  9bc64bf453  managed int multiline input  2025-02-27 16:48:07 -06:00
Joshua Brower  e994f3a220  Fix commits  2025-01-27 14:48:50 -05:00
reyesj2  888145a2ed  remove optional integrations from defaults.yaml & soc_elasticsearch.yaml  2024-12-03 08:55:43 -06:00
Jason Ertel  57a9992a3d  Merge branch '2.4/dev' into jertel/wip  2024-11-11 10:06:44 -05:00
reyesj2  039d5c22ac  fix: crowdstrike integration (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2024-11-06 14:35:41 -06:00
Jorge Reyes  cf95af66c6  Revert "Add support for cybereason integration"  2024-10-21 15:23:05 -04:00
reyesj2  8b11019712  Add support for cybereason integration (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2024-10-18 11:56:47 -04:00
reyesj2  322199358d  add support for trendmicro integration (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2024-10-16 16:45:46 -04:00
Jason Ertel  523ff66389  connect work  2024-10-16 13:44:01 -04:00
Jason Ertel  cce9e162d4  remove colon to avoid yaml parsing problems  2024-09-16 15:30:14 -04:00
Jason Ertel  217bb388a0  Clarify enabled settings  2024-09-16 10:05:17 -04:00
weslambert  24504dcc87  Fix annotations typo  2024-09-12 10:54:13 -04:00
weslambert  602158aa56  Add annotations for barracuda and imperva  2024-09-11 15:52:23 -04:00
Josh Patterson  71f6b44c0c  Merge pull request #13607 from Security-Onion-Solutions/esver: use Elasticsearch version for some containers  2024-09-04 13:30:07 -04:00
m0duspwnens  0af2e85f91  update annotation.  2024-09-04 10:32:11 -04:00
Josh Patterson  4c10282f40  add es version to annotation  2024-08-26 09:37:19 -04:00
weslambert  dc197f6a5c  Add tenable settings  2024-08-15 23:06:53 -04:00
weslambert  46eeb014af  Add metrics settings  2024-07-30 12:39:50 -04:00
weslambert  fe1824aedd  Revert "Elastic 8.14.2"  2024-07-15 11:28:59 -04:00
Wes  1f5a990b1e  Remove lines that aren't needed right now  2024-07-09 18:32:06 +00:00
Wes  669f68ad88  Fleet metric annotations  2024-07-09 15:39:59 +00:00
Wes  e831354401  Add Suricata alerts setting for configuration  2024-05-30 17:00:11 +00:00
weslambert  d606f259d1  Add detection alerts  2024-05-13 14:25:11 -04:00
weslambert  fe2edeb2fb  30d to 60d  2024-05-01 11:01:59 -04:00
Doug Burks  4d6124f982  FIX: Elasticsearch min_age regex #12885  2024-04-30 10:18:34 -04:00
m0duspwnens  d50de804a8  update annotation  2024-04-25 09:04:34 -04:00
m0duspwnens  c9d9979f22  allow enabling/disabling of so-elasticsearch-indices-delete cronjob  2024-04-24 16:18:45 -04:00
weslambert  1b3a0a3de8  Remove hot max_age  2024-04-24 10:11:02 -04:00
weslambert  75b5e16696  Update description, type, and regex  2024-04-24 09:14:39 -04:00
weslambert  8a0a435700  Fix warm description  2024-04-24 08:35:19 -04:00
weslambert  691b02a15e  Fix warm description  2024-04-23 10:40:09 -04:00
reyesj2  55cf90f477  merge 2.4/dev (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2024-04-11 14:44:59 -04:00
Wes  105eadf111  Add cef  2024-04-03 14:40:41 +00:00
reyesj2  000d15a53c  Kismet integration: TODO Elasticsearch mappings (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>)  2024-03-29 13:56:01 -04:00
m0duspwnens  162785575c  nest under policy  2024-02-21 15:28:24 -05:00
Wes  182667bafb  Change numbers for Elasticsearch  2024-02-01 13:59:23 +00:00
Wes  bc502cc065  Custom Elasticsearch pipeline annotations  2024-01-31 21:46:33 +00:00
Wes  7118cc8dee  Add additional integration SOC configuration  2024-01-19 22:04:07 +00:00
weslambert  252c51dafb  Change order of names  2024-01-12 16:45:18 -05:00
weslambert  a07e6e1058  OTX pulses  2024-01-12 16:43:33 -05:00
Wes  418f41c7e4  Add SOC configuration for metrics  2024-01-12 15:03:18 +00:00
Wes  c89d674a92  Add settings for integrations  2024-01-11 14:18:06 +00:00
weslambert  8cf5d9c1a6  Annotations  2023-12-13 11:55:40 -05:00
Doug Burks  ab0e6f9bec  update broken help links in SOC Config  2023-12-06 14:35:51 -05:00
Mike Reeves  3d8663db66  Update soc_elasticsearch.yaml  2023-11-03 11:29:45 -04:00
Mike Reeves  25f1a0251f  Annotation changes for warm node  2023-10-27 09:08:07 -04:00